| APPL-14-001001 |
V1R2 |
The macOS system must be configured to audit all administrative action events. |
|
| SLES-12-020200 |
V2R11 |
The SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd. |
|
| SLES-12-020210 |
V2R11 |
The SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group. |
|
| SLES-12-020220 |
V2R11 |
The SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow. |
|
| SLES-12-020230 |
V2R11 |
The SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/opasswd. |
|
| SLES-12-020590 |
V2R11 |
The SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow. |
|
| UBTU-20-010100 |
V1R12 |
The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd. |
|
| UBTU-20-010101 |
V1R12 |
The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group. |
|
| UBTU-20-010102 |
V1R12 |
The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow. |
|
| UBTU-20-010103 |
V1R12 |
The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow. |
|
| UBTU-20-010104 |
V1R12 |
The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/opasswd. |
|
| SLES-15-030000 |
V1R12 |
The SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd. |
|
| SLES-15-030010 |
V1R12 |
The SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group. |
|
| SLES-15-030020 |
V1R12 |
The SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow. |
|
| SLES-15-030030 |
V1R12 |
The SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/security/opasswd. |
|
| SLES-15-030040 |
V1R12 |
The SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow. |
|
| WN10-AU-000030 |
V3R2 |
The system must be configured to audit Account Management - Security Group Management successes. |
|
| WN10-AU-000035 |
V3R2 |
The system must be configured to audit Account Management - User Account Management failures. |
|
| WN10-AU-000040 |
V3R2 |
The system must be configured to audit Account Management - User Account Management successes. |
|
| WN19-AU-000100 |
V3R2 |
Windows Server 2019 must be configured to audit Account Management - Security Group Management successes. |
|
| WN19-AU-000110 |
V3R2 |
Windows Server 2019 must be configured to audit Account Management - User Account Management successes. |
|
| WN19-AU-000120 |
V3R2 |
Windows Server 2019 must be configured to audit Account Management - User Account Management failures. |
|
| WN19-DC-000230 |
V3R2 |
Windows Server 2019 must be configured to audit Account Management - Computer Account Management successes. |
|
| UBTU-22-654130 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group. |
|
| UBTU-22-654135 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow. |
|
| UBTU-22-654140 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/opasswd. |
|
| UBTU-22-654145 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd. |
|
| UBTU-22-654150 |
V2R2 |
Ubuntu 22.04 LTS must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow. |
|
| WN16-AU-000120 |
V2R7 |
Windows Server 2016 must be configured to audit Account Management - Security Group Management successes. |
|
| WN16-AU-000140 |
V2R7 |
Windows Server 2016 must be configured to audit Account Management - User Account Management successes. |
|
| WN16-AU-000150 |
V2R7 |
Windows Server 2016 must be configured to audit Account Management - User Account Management failures. |
|
| WN16-DC-000230 |
V2R7 |
Windows Server 2016 must be configured to audit Account Management - Computer Account Management successes. |
|
| WN22-AU-000100 |
V1R4 |
Windows Server 2022 must be configured to audit Account Management - Security Group Management successes. |
|
| WN22-AU-000110 |
V1R4 |
Windows Server 2022 must be configured to audit Account Management - User Account Management successes. |
|
| WN22-AU-000120 |
V1R4 |
Windows Server 2022 must be configured to audit Account Management - User Account Management failures. |
|
| WN22-DC-000230 |
V1R4 |
Windows Server 2022 must be configured to audit Account Management - Computer Account Management successes. |
|
| RHEL-07-030870 |
V3R6 |
The Red Hat Enterprise Linux operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd. |
|
| RHEL-07-030871 |
V3R6 |
The Red Hat Enterprise Linux operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group. |
|
| RHEL-07-030872 |
V3R6 |
The Red Hat Enterprise Linux operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow. |
|
| RHEL-07-030873 |
V3R6 |
The Red Hat Enterprise Linux operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow. |
|
| RHEL-07-030874 |
V3R6 |
The Red Hat Enterprise Linux operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/security/opasswd. |
|
| RHEL-09-654215 |
V1R3 |
RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers. |
|
| RHEL-09-654220 |
V1R3 |
RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.d/ directory. |
|
| RHEL-09-654225 |
V1R3 |
RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group. |
|
| RHEL-09-654230 |
V1R3 |
RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow. |
|
| RHEL-09-654235 |
V1R3 |
RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/opasswd. |
|
| RHEL-09-654240 |
V1R3 |
RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd. |
|
| RHEL-09-654245 |
V1R3 |
RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow. |
|
| OL08-00-030130 |
V1R3 |
OL 8 must generate audit records for all account creation events that affect "/etc/shadow". |
|
| OL08-00-030140 |
V1R3 |
OL 8 must generate audit records for all account creation events that affect "/etc/security/opasswd". |
|
| OL08-00-030150 |
V1R3 |
OL 8 must generate audit records for all account creation events that affect "/etc/passwd". |
|
| OL08-00-030160 |
V1R3 |
OL 8 must generate audit records for all account creation events that affect "/etc/gshadow". |
|
| OL08-00-030170 |
V1R3 |
OL 8 must generate audit records for all account creation events that affect "/etc/group". |
|
| OL08-00-030171 |
V1R3 |
OL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect "/etc/sudoers". |
|
| OL08-00-030172 |
V1R3 |
OL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect "/etc/sudoers.d/". |
|
| OL07-00-030870 |
V2R11 |
The Oracle Linux operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd. |
|
| OL07-00-030871 |
V2R11 |
The Oracle Linux operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group. |
|
| OL07-00-030872 |
V2R11 |
The Oracle Linux operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow. |
|
| OL07-00-030873 |
V2R11 |
The Oracle Linux operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow. |
|
| OL07-00-030874 |
V2R11 |
The Oracle Linux operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/security/opasswd. |
|